AppSec Serialized by Invicti
The cybersecurity podcast about application security and those who practice it. Hosted by tech industry veterans, each episode focuses on a specific area of cybersecurity, with the hosts and their guests sharing their practitioners’ experiences and opinions, sprinkled liberally with a solid dose of humor and anecdotes.
Episodes
Cross-site scripting (XSS) is one of the oldest web vulnerability types and still a very real threat.
In this episode, Frank Catucci and Dan Murphy talk about the origins of cross-site scripting, some high-profile attacks, and best practices to test for and also prevent XSS in applications. In the fiction segment, Mallory the hacker uses XSS to inject script into an old and vulnerable leaderboard server—but she has to work hard to ...
Knowing what sites, apps, and APIs you’re exposing to the Internet is crucial for determining your realistic risk level and making accurate security decisions.
In this episode, Frank Catucci and Dan Murphy are joined by special guest Bogdan Calin, Principal Security Researcher at Invicti, to talk about ways of determining an organization’s web attack surface and the resulting risk level. In particular, they discuss the pro and cons...
APIs are the secret door through which so many application attacks are executed in recent years. Compared to graphical user interfaces, they are far easier to build and deploy but far harder to test and secure, making API security a top concern.
In this episode, Frank Catucci and Dan Murphy dive into the world of API security, discussing high-profile breaches and looking at ways to discover and test the API part of your web applica...
Software supply-chain security is one aspect of cybersecurity that affects every sizable application out there and also every organization that uses web apps and APIs. Application frameworks and libraries make up much of the running code base of modern software—and it only takes one vulnerable or compromised component to create a critical security gap.
In this episode, Frank Catucci and Dan Murphy go into supply-chain security and ...
The role of Chief Information Security Officer, or CISO, is crucial for any sizable organization yet often misunderstood as purely a compliance paperwork post. In reality, CISOs have to balance multiple aspects of information security to minimize risk, ensure timely incident response, maintain compliance, and more—all with finite resources and competing priorities.
In this episode, Frank Catucci and Dan Murphy talk to a real-life C...
Application security engineers connect security to engineering in more ways than one. Without their efforts, skills, and tools, even the best-laid application security policies and programs would remain mere CISO wishlists.
In this episode, Invicti’s Frank Catucci and Dan Murphy talk to application security engineer Paul Good to learn what a day in the life of an AppSec guy looks like when you need to balance internal and external...
At the heart of any DAST product is a scan engine that needs to be fast and accurate while keeping up with how the latest applications and APIs are being built and attacked. As AI-assisted development increases both the volume of code and its opacity, having an engine that can automatically and reliably test for security flaws without holding up releases is crucial for any serious DAST solution—and for its users.
In this episode ...
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The Herd with Colin Cowherd is a thought-provoking, opinionated, and topic-driven journey through the top sports stories of the day.
Football’s funniest family duo — Jason Kelce of the Philadelphia Eagles and Travis Kelce of the Kansas City Chiefs — team up to provide next-level access to life in the league as it unfolds. The two brothers and Super Bowl champions drop weekly insights about the weekly slate of games and share their INSIDE perspectives on trending NFL news and sports headlines. They also endlessly rag on each other as brothers do, chat the latest in pop culture and welcome some very popular and well-known friends to chat with them. Check out new episodes every Wednesday. Follow New Heights on the Wondery App, YouTube or wherever you get your podcasts. You can listen to new episodes early and ad-free, and get exclusive content on Wondery+. Join Wondery+ in the Wondery App, Apple Podcasts or Spotify. And join our new membership for a unique fan experience by going to the New Heights YouTube channel now!
The official podcast of comedian Joe Rogan.